diff options
4 files changed, 58 insertions, 4 deletions
diff --git a/chrome/browser/safe_browsing/client_side_detection_host.cc b/chrome/browser/safe_browsing/client_side_detection_host.cc index 879ff1a..ef2e70f 100644 --- a/chrome/browser/safe_browsing/client_side_detection_host.cc +++ b/chrome/browser/safe_browsing/client_side_detection_host.cc @@ -61,9 +61,19 @@ class ClientSideDetectionHost::ShouldClassifyUrlRequest void Start() { DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); + // We start by doing some simple checks that can run on the UI thread. - // We first start by doing the proxy, local IP and off-the-record checks - // synchronously because they are fast and they run on the UI thread. + // Only classify [X]HTML documents. + if (params_.contents_mime_type != "text/html" && + params_.contents_mime_type != "application/xhtml+xml") { + VLOG(1) << "Skipping phishing classification for URL: " << params_.url + << " because it has an unsupported MIME type: " + << params_.contents_mime_type; + UMA_HISTOGRAM_ENUMERATION("SBClientPhishing.PreClassificationCheckFail", + NO_CLASSIFY_UNSUPPORTED_MIME_TYPE, + NO_CLASSIFY_MAX); + return; + } // Don't run the phishing classifier if the URL came from a private // network, since we don't want to ping back in this case. We also need @@ -132,6 +142,7 @@ class ClientSideDetectionHost::ShouldClassifyUrlRequest NO_CLASSIFY_OFF_THE_RECORD, NO_CLASSIFY_MATCH_CSD_WHITELIST, NO_CLASSIFY_TOO_MANY_REPORTS, + NO_CLASSIFY_UNSUPPORTED_MIME_TYPE, NO_CLASSIFY_MAX // Always add new values before this one. }; diff --git a/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc b/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc index 0943535..e56f908 100644 --- a/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc +++ b/chrome/browser/safe_browsing/client_side_detection_host_unittest.cc @@ -433,6 +433,24 @@ TEST_F(ClientSideDetectionHostTest, ShouldClassifyUrl) { SafeBrowsingMsg_StartPhishingDetection::ID); ASSERT_FALSE(msg); + // Check that XHTML is supported, in addition to the default HTML type. + // Note: for this test to work correctly, the new URL must be on the + // same domain as the previous URL, otherwise it will create a new + // RenderViewHost that won't have the mime type set. + url = GURL("http://host.com/xhtml"); + rvh()->set_contents_mime_type("application/xhtml+xml"); + ExpectPreClassificationChecks(url, &kFalse, &kFalse, &kFalse, &kFalse, + &kFalse, &kFalse); + NavigateAndCommit(url); + WaitAndCheckPreClassificationChecks(); + msg = process()->sink().GetFirstMessageMatching( + SafeBrowsingMsg_StartPhishingDetection::ID); + ASSERT_TRUE(msg); + SafeBrowsingMsg_StartPhishingDetection::Read(msg, &actual_url); + EXPECT_EQ(url, actual_url.a); + EXPECT_EQ(rvh()->routing_id(), msg->routing_id()); + process()->sink().ClearMessages(); + // Navigate to a new host, which should cause another IPC. url = GURL("http://host2.com/"); ExpectPreClassificationChecks(url, &kFalse, &kFalse, &kFalse, &kFalse, @@ -447,6 +465,19 @@ TEST_F(ClientSideDetectionHostTest, ShouldClassifyUrl) { EXPECT_EQ(rvh()->routing_id(), msg->routing_id()); process()->sink().ClearMessages(); + // If the mime type is not one that we support, no IPC should be triggered. + // Note: for this test to work correctly, the new URL must be on the + // same domain as the previous URL, otherwise it will create a new + // RenderViewHost that won't have the mime type set. + url = GURL("http://host2.com/image.jpg"); + rvh()->set_contents_mime_type("image/jpeg"); + ExpectPreClassificationChecks(url, NULL, NULL, NULL, NULL, NULL, NULL); + NavigateAndCommit(url); + WaitAndCheckPreClassificationChecks(); + msg = process()->sink().GetFirstMessageMatching( + SafeBrowsingMsg_StartPhishingDetection::ID); + ASSERT_FALSE(msg); + // If IsPrivateIPAddress returns true, no IPC should be triggered. url = GURL("http://host3.com/"); ExpectPreClassificationChecks(url, &kTrue, NULL, NULL, NULL, NULL, NULL); diff --git a/content/browser/renderer_host/test_render_view_host.cc b/content/browser/renderer_host/test_render_view_host.cc index 06e884c..6eba441 100644 --- a/content/browser/renderer_host/test_render_view_host.cc +++ b/content/browser/renderer_host/test_render_view_host.cc @@ -46,7 +46,8 @@ TestRenderViewHost::TestRenderViewHost(SiteInstance* instance, kInvalidSessionStorageNamespaceId), render_view_created_(false), delete_counter_(NULL), - simulate_fetch_via_proxy_(false) { + simulate_fetch_via_proxy_(false), + contents_mime_type_("text/html") { // For normal RenderViewHosts, this is freed when |Shutdown()| is called. // For TestRenderViewHost, the view is explicitly deleted in the destructor // below, because TestRenderWidgetHostView::Destroy() doesn't |delete this|. @@ -95,7 +96,7 @@ void TestRenderViewHost::SendNavigateWithTransition( params.password_form = PasswordForm(); params.security_info = std::string(); params.gesture = NavigationGestureUser; - params.contents_mime_type = std::string(); + params.contents_mime_type = contents_mime_type_; params.is_post = false; params.was_within_same_page = false; params.http_status_code = 0; @@ -112,6 +113,10 @@ void TestRenderViewHost::set_simulate_fetch_via_proxy(bool proxy) { simulate_fetch_via_proxy_ = proxy; } +void TestRenderViewHost::set_contents_mime_type(const std::string& mime_type) { + contents_mime_type_ = mime_type; +} + TestRenderWidgetHostView::TestRenderWidgetHostView(RenderWidgetHost* rwh) : rwh_(rwh), is_showing_(false) { diff --git a/content/browser/renderer_host/test_render_view_host.h b/content/browser/renderer_host/test_render_view_host.h index f25c8c7..4326529 100644 --- a/content/browser/renderer_host/test_render_view_host.h +++ b/content/browser/renderer_host/test_render_view_host.h @@ -206,6 +206,10 @@ class TestRenderViewHost : public RenderViewHost { // False by default. void set_simulate_fetch_via_proxy(bool proxy); + // If set, future loads will have |mime_type| set as the mime type. + // If not set, the mime type will default to "text/html". + void set_contents_mime_type(const std::string& mime_type); + // RenderViewHost overrides -------------------------------------------------- virtual bool CreateRenderView(const string16& frame_name); @@ -224,6 +228,9 @@ class TestRenderViewHost : public RenderViewHost { // See set_simulate_fetch_via_proxy() above. bool simulate_fetch_via_proxy_; + // See set_contents_mime_type() above. + std::string contents_mime_type_; + DISALLOW_COPY_AND_ASSIGN(TestRenderViewHost); }; |